VIR Vulnerability Intelligence Relay

CVE-2026-32178

high
Published 2026-04-16 · Modified 2026-04-17
CVSS v3
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
CVSS v2
VIR risk
7.5

Description

Important: .NET 8.0 security update

Predictions

Exploit likelihood
83%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-8469.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-8475.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:8475

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-8473.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:8473

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-8468.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2457781

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2457741

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2457740

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2457739

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:8468

vendor Authored 2026-05-27

Vendor advisory: secure@microsoft.com — https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32178

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:8474

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:8471

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:8469

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
linux linux-kernel-not-affected
macos macos-not-affected

Package impact
EcosystemPackageVulnerableFixed
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-arm>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-arm>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-arm64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-x64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-arm64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-x64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.osx-arm64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.osx-x64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.win-arm>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.win-arm64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.win-x64>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.win-x86>=10.0.0,<10.0.610.0.6
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-arm>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-arm64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-arm>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-arm64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-x64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-x64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.osx-arm64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.osx-x64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.win-arm>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.win-arm64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.win-x64>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.win-x86>=9.0.0,<9.0.159.0.15
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-arm>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-arm64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-arm>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-arm64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-musl-x64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.linux-x64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.osx-arm64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.osx-x64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.win-arm>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.win-arm64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.win-x64>=8.0.0,<8.0.268.0.26
nuget NuGetMicrosoft.NetCore.App.Runtime.win-x86>=8.0.0,<8.0.268.0.26

Application impact
VendorProductVersionsFixed
windows microsoft.net{"startIncluding":"10.0.0","endExcluding":"10.0.6"}10.0.6
windows microsoftvisual_studio_2022{"startIncluding":"17.12.0","endExcluding":"17.12.19"}17.12.19

References

CWEs

CWE-138

Verify integrity in audit chain (admin only). AS-IS.